MICKAI
Article · 21 June 2026

The Public Sector AI Register Is Only as Good as Its Weakest Entry

Transparency lists are spreading across government. A register that records claims rather than evidence tells the public what an institution says it does, not what it actually did. The entry has to be verifiable.

The Public Sector AI Register Is Only as Good as Its Weakest Entry
Author
Micky Irons
Published
21 June 2026
Follow Micky Irons
LinkedInX
public sector AIAI transparencyalgorithmic accountabilityverifiable recordspost-quantum signatures

A growing number of governments now publish a register of the artificial intelligence systems they use. The United Kingdom has its Algorithmic Transparency Recording Standard. The Netherlands, France and several cities maintain public algorithm registers. The intention is sound. Citizens have a right to know when a public decision about a benefit, a visa, a school place or a tax assessment was shaped by a machine.

The trouble sits one level down, in the substance of each entry. Almost every register in production today records a description. An official, or a vendor on the official's behalf, writes down what the system is meant to do, what data it is meant to use, and what safeguards are meant to apply. The register then publishes that description as fact. Nobody outside the institution can confirm that the system in the field matches the words on the page.

That gap is not a clerical detail. It is the whole problem. A register of claims tells the public what an institution says about itself. It does not tell the public what the system actually did on the day it refused a claim or flagged a household. Those are different objects, and only one of them is accountability.

A description is not a record

Consider what a transparency entry typically contains. A name for the tool. A short account of its purpose. A note on the model or supplier. A paragraph on human oversight. A line confirming a data protection assessment was completed. Every field is a statement about intent or design. None of it is tied to a single decision the system reached.

So when a journalist, an auditor or an affected citizen asks the obvious question, did this system actually behave the way the register says, the register cannot answer. The institution can produce logs, but logs are editable, selectable and easy to present in a flattering order. The reviewer is left trusting the institution to mark its own homework. That is precisely the posture a transparency regime was meant to retire.

Mnemosyne, goddess of memory, carved in white marble, one hand resting on a closed stone tablet, gold light tracing the carved edge against deep black negative space.
Memory that can be revised on demand is not memory. It is testimony.

The reflex fix is more documentation. Longer entries, more mandatory fields, an annual attestation signed by a senior responsible officer. This produces heavier paperwork and the same epistemic hole. A longer claim is still a claim. The reviewer still cannot independently establish, from outside the institution, that any specific automated decision happened the way the paperwork asserts.

Verifiable means an outsider can check it without trusting you

A useful working definition: an entry is verifiable when a party who does not trust the institution, and who has no access to its internal systems, can still confirm that a given decision was produced by the declared system, under the declared rules, at the declared time, and has not been altered since. That is a high bar. It is also the only bar that makes a register more than a public relations surface.

Meeting it requires three properties that ordinary logging does not provide. The record of each consequential action has to be sealed at the moment it happens, so it cannot be reconstructed later to suit a narrative. It has to be signed, so its origin is provable rather than asserted. And the proof of its existence has to live somewhere the institution cannot quietly edit, so that a record cannot be backdated, deleted or swapped after a complaint lands.

Where Mickai fits

Mickai is a Sovereign Intelligence Operating System. It runs fifty specialised AI brains, twenty five domain and twenty five operational, on the operator's own hardware, fully offline capable, so a public body keeps its data and its decisions inside its own perimeter rather than renting them from a platform. That matters for a register, because verifiability is hollow if the underlying system is a remote service the institution itself cannot fully inspect.

Inside that substrate sits the mechanism a register actually needs. Every consequential action the system takes is written to the Open Audit Record. Each entry in that record is sealed and signed with FIPS 204 ML-DSA-65, the post-quantum digital signature standard published by NIST. Mickai did not invent that standard. It adopts the published one, which is the point. A signature scheme is only credible to an outside reviewer when it is a public, scrutinised standard rather than a private invention.

Poseidon rising from still black water, trident planted, anchoring a single carved marble chain that descends into the dark, gold rim light along his shoulder.
Anchoring fixes a record in place. It does not move the thing it anchors to.

The third property, permanence the institution cannot undo, comes from Pantheon, Mickai's own sovereign Layer 1, anchored to Bitcoin. Pantheon takes a hash commitment of the record and anchors it to Bitcoin, so the existence and exact content of an entry can be proved against the most independently witnessed ledger available. To be precise about what this is and is not: Pantheon anchors a fingerprint of the record. It does not move Bitcoin, and it is not a Bitcoin Layer 2. Anchoring is not spending. The public chain becomes a notary, not a payment rail.

Put together, an entry stops being a paragraph an official wrote and becomes a thing an outsider can test. A reviewer can take a specific decision, check that it was sealed when it was made, verify the signature against the published standard, and confirm the anchored hash matches what Bitcoin witnessed. If the institution later edits the story, the proof does not match, and the discrepancy is visible to anyone, without anyone needing to be granted trust.

What this asks of public bodies

None of this requires abandoning the registers already being built. It asks for one change in what an entry points to. Today an entry points to a description. The proposal is that it also point to a sealed, signed, anchored record of the decisions the system has made, so the description can be checked against conduct rather than taken on faith.

The supporting evidence that this is buildable rather than aspirational is already on file. The methods behind the Open Audit Record and the Pantheon anchoring sit within 101 filed UK patent applications, around 2,234 claims, owned by Mickai LTD, with named inventor Micky Irons. Filed work is not the headline here. It is simply confirmation that the verifiability described above is engineered, specified and documented, not a slogan.

The Delphic Oracle seated in shadow, a thin shaft of gold light falling across her marble face as she gives an account, smoke curling into the black around her.
Explanation is owed to the public. An explanation no one can verify is only a better story.

The standard the public should demand

When a citizen, an auditor or a court asks a public body why a machine reached a decision about a person's life, the institution should be able to do more than read back its own description. It should be able to hand over a record that the questioner can verify without trusting the institution at all. That is the difference between transparency as a gesture and transparency as a guarantee.

Registers are spreading because the instinct behind them is right. The instinct will be wasted if every entry remains an unverifiable assertion. The fix is not more fields. It is a record that is sealed when it is made, signed with a published post-quantum standard, and anchored so it cannot be rewritten. The entry must be verifiable. Everything else is paperwork.

Athena standing in full marble armour over a vast dark expanse, owl on her shoulder, a single hard gold rim light defining her edge against immense void black.
Strategy is not deciding what to claim. It is building so the claim can be checked.

Mickai is held privately by its founder, Micky Irons. The substrate described here, the SIOS, the Open Audit Record and Pantheon, is built so that a public institution can keep its intelligence on its own ground and still prove its conduct to anyone with reason to ask.

ShareLinkedInXHacker NewsRedditMastodonBlueskyEmail
Subscribe
Get every new Mickai article by email.

Long-form essays on sovereign AI from Micky Irons. One email per article. No tracking, no marketing, no third parties. Every email includes a one-click unsubscribe link.

Prefer RSS? Subscribe at /articles/feed.xml.

Originally published at https://mickai.co.uk/articles/public-sector-ai-register-the-entry-must-be-verifiable. If you operate in a regulated sector or want sovereign AI on your own hardware, the audit form on mickai.co.uk is the entry point.
More articles
21 Jun 2026
The NAIC AI Pilot Has One Real Test: Can the Underwriting Decision Replay?
The NAIC AI evaluation pilot quietly raises the bar from governance documents to decision-level replay. Carriers that cannot reconstruct exactly what their model saw, which version scored it, and who overrode it face an architecture problem, not a paperwork one. A sovereign operating system that seals and signs every decision at the moment it is made, and anchors a hash of it to Bitcoin, turns replay from reconstruction into retrieval.
21 Jun 2026
NERC CIP and Grid AI: The Control Action Needs a Sealed Witness
AI is creeping from grid advisory tools into operational control. NERC CIP was written for humans and devices, not autonomous models. The missing primitive is a tamper-evident witness for every consequential action. Mickai's Open Audit Record provides exactly that.
21 Jun 2026
The Robotaxi, the Redacted Black Box, and the Record the Public Can Verify
Robotaxi crash data is held, formatted, and disclosed by the manufacturer being investigated. A record sealed with a post-quantum signature and anchored to Bitcoin moves the proof out of the company's hands and into the public's.
21 Jun 2026
FDA, EMA and Good Machine Learning Practice: Why Drug Development Needs the Validated Action
The FDA and EMA are converging on a single demand for AI in drug development: every consequential action must be validated, attributable and reproducible. Mickai answers that demand at the substrate, sealing each action in a signed Open Audit Record and anchoring its permanence to Bitcoin through Pantheon.
See all articles →